coderabbit-security-basics

Implements CodeRabbit security best practices for API keys and access control, ensuring secure configurations and compliance.

Install this skill

72/100

Security score

The coderabbit-security-basics skill was audited on Feb 21, 2026 and we found 12 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 40

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

medium line 85

Webhook reference - potential data exfiltration

SourceSKILL.md

85	### Webhook Signature Verification

low line 89

Webhook reference - potential data exfiltration

SourceSKILL.md

89	function verifyWebhookSignature(

medium line 102

Webhook reference - potential data exfiltration

SourceSKILL.md

102	- [ ] Webhook signatures validated

low line 29

Access to .env file

SourceSKILL.md

29	# .env (NEVER commit to git)

low line 34

Access to .env file

SourceSKILL.md

.env

low line 35

Access to .env file

SourceSKILL.md

35	.env.local

low line 36

Access to .env file

SourceSKILL.md

36	.env.*.local

low line 77

Access to .env file

SourceSKILL.md

77	apiKey: process.env.CODERABBIT_READ_KEY,

low line 80

Access to .env file

SourceSKILL.md

80	apiKey: process.env.CODERABBIT_WRITE_KEY,

medium line 99

Access to .env file

SourceSKILL.md

99	- [ ] `.env` files in `.gitignore`

low line 47

External URL reference

SourceSKILL.md

47	https://api.coderabbit.com/health

Scanned on Feb 21, 2026

View Security Dashboard

Installation guide →

GitHub Stars 508

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw api backend devops-sre backend-developer security-engineer development

Dicklesworthstone/pi_agent_rust